421884eef0ac7ddfe415c45f3a02a710_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

421884eef0ac7ddfe415c45f3a02a710_JaffaCakes118
Size

443KB
MD5

421884eef0ac7ddfe415c45f3a02a710
SHA1

b6029506d885f24b789db2a605d20f5ea6c497c7
SHA256

0a2cf199de36405f8e7978c346df52920c621811e5d13d0e5c4f7cdc83929e59
SHA512

73f498bd1a410268502f567f4246be63fcb704a670d7787d8cd6b970dc46846d2e033717eb7e839eb352cddeff0634e834c8075673a5c017d7a485d38e4d0009
SSDEEP

12288:ubq6ih0rU75V3YPPjLcDsbPzVcxggkcKg2D:uHiKUtV3YHM4VP+KL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
421884eef0ac7ddfe415c45f3a02a710_JaffaCakes118

Files

421884eef0ac7ddfe415c45f3a02a710_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mf0sylc2
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

4dghpqr2
Size: 218KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t2n1lfye
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ